package io.renren.modules;

import com.alibaba.fastjson.JSON;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.core.annotation.CurrentSecurityContext;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

@RestController
@RequestMapping("/hello")
public class HelloController {

    @GetMapping
//    @PreAuthorize("hasAnyRole('超级管理员') or hasAnyAuthority('sys:schedule:list,sys:schedule:info')")
    @PreAuthorize("hasAnyAuthority('sys:schedule:list,sys:schedule:info')")
    public String hello(@CurrentSecurityContext SecurityContext principleContext) {
        return "hello...";
    }

    @GetMapping("/test")
    public String test(@CurrentSecurityContext SecurityContext securityContext) {
        return JSON.toJSONString(securityContext.getAuthentication());
    }
}
